#wp2shell is what happens when a value escapes validation and keeps its original shape all the way to SQL.
Our full breakdown from the fix assurance angle: https://t.co/49RX7htYh2
Small paper, useful paranoia fuel for anyone building agent skill registries.
- coding agents suggested non-existent skills 36% of the time on average, and 43% on real developer questions
- the fake names were not random. they repeated across prompts and sessions
- that makes this look less like hallucination and more like typosquatting for agent marketplaces. pre-register the name, wait for the model to recommend it
- registry-grounding cut hallucinations to 3.2%, but correctness dropped too, roughly 1 in 6 correct. safer, less useful, very on brand for security
https://t.co/wPbo9QIRKq
SonicWall SMA1000 - an unauthenticated SSRF (CVSS 10.0) chained with a path-traversal-to-root bug (CVSS 7.2) into full unauthenticated root RCE. Both confirmed KEV, both actively exploited, BOD 26-04 deadline is today. Patch it folks!!
SharePoint in KEV again, this time unauthenticated RCE, 9.8, three day clock. second deserialization/RCE-class entry since May, and the bar keeps dropping. low-privilege user was bad enough. this one needs no authentication at all.
Legacy enterprise software ages like milk.
Deterministic confinement for web agents feels like the right instinct: stop asking the model to be trustworthy and start bounding what it is allowed to break.
@BleepinComputer A good reminder that patching should be context driven too. CVE-2026-15409 (SSRF, no auth) and -15410 (command injection) chain together, so patching one without the other still leaves the door open.
@TheHackersNews Wild that the exploited SharePoint zero-day is a 5.3 Medium in Microsoft's scoring and a 9.8 Critical in NVD, given that its on the KEV list
@The_Cyber_News Useful detail here: this is not one RDP bug showing up five times. Same patch batch, same info disclosure outcome, but at least four different memory-handling failures underneath it.
This has been an unusually dense week for npm supply-chain news specifically AsyncAPI, Jscrambler, Trivy-action/TeamPCP, PolinRider, and the Paysafe typosquat campaign all broke within days of each other, plus npm v12 shipped right in the middle of it.
@MsftSecIntel this is the second AsyncAPI compromise in as many days. /specs got hit separately. different repo, different vector than the generator packages. coordinated response here is going to be messier than rotate one token.
@ReliaQuestTR 36 PRs titled "docs: add donation files," from 8 accounts, all to add noise. one real PR buried in there actually stole the CI tokens. the misconfigured workflow got the writeups, but 36 identical decoys getting past review without a single flag is the more interesting failure.
SonicWall SMA1000 has two chained zero-days actively exploited in the wild: CVE-2026-15409, unauthenticated SSRF, CVSS 10.0, and CVE-2026-15410, authenticated code injection / RCE, CVSS 7.2.
CISA added both to KEV today with a 3-day due date. SonicWall says patching alone is not sufficient: check for IoCs, and if compromised, re-image affected systems and rotate every credential and TOTP token.
I keep saying this: a vulnerability is the property of a system, not a component. Just because a CVE exists doesn't make a container or a VM exploitable.